Trouble with OFX and my bank, Kinecta Federal Credit Union
Bill De La Vega
billdlv81 at gmail.com
Tue Feb 2 14:13:42 EST 2016
Thanks for the effort, still does not work. I missed a hyphen initially in
the UUID but I tried again with the same result. I give up, as I am using
the same login / password I have used since I had the account. The same
login / password works for the bank's website, and their app. I guess
direct access is not used by many people.
OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:20160202110245.000
<OFX><SIGNONMSGSRQV1><SONRQ><DTCLIENT>20160202110245.000<USERID>xxxx
<USERPASS>xxxxxxx
<LANGUAGE>ENG<FI><ORG>KINECTA<FID>322278073</FI><APPID>QWIN<APPVER>2500</SONRQ></SIGNONMSGSRQV1><SIGNUPMSGSRQV1><ACCTINFOTRNRQ><TRNUID>20160202110245.000<CLTCOOKIE>1<ACCTINFORQ><DTACCTUP>19691231</ACCTINFORQ></ACCTINFOTRNRQ></SIGNUPMSGSRQV1></OFX>
Received:
-------------------------------------
OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:20160202110245.000
<OFX>
<SIGNONMSGSRSV1>
<SONRS>
<STATUS>
<CODE>15500
<SEVERITY>ERROR
</STATUS>
<DTSERVER>20160202190254
<LANGUAGE>ENG
<FI>
<ORG>KINECTA
<FID>322278073
</FI>
</SONRS>
</SIGNONMSGSRSV1>
<SIGNUPMSGSRSV1>
<ACCTINFOTRNRS>
<TRNUID>20160202110245.000
<STATUS>
<CODE>15500
<SEVERITY>ERROR
</STATUS>
<CLTCOOKIE>1
</ACCTINFOTRNRS>
</SIGNUPMSGSRSV1>
</OFX>
Sending:
-------------------------------------
OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:20160202110438.000
<OFX><SIGNONMSGSRQV1><SONRQ><DTCLIENT>20160202110438.000<USERID>XXX
<USERPASS>XXXXX
<LANGUAGE>ENG<FI><ORG>KINECTA<FID>322278073</FI><APPID>QWIN<APPVER>2500<CLIENTUID>AD1F1DFD-6D564418AEB2F227918CF5A0</SONRQ></SIGNONMSGSRQV1><SIGNUPMSGSRQV1><ACCTINFOTRNRQ><TRNUID>20160202110438.000<CLTCOOKIE>1<ACCTINFORQ><DTACCTUP>19691231</ACCTINFORQ></ACCTINFOTRNRQ></SIGNUPMSGSRQV1></OFX>
Received:
-------------------------------------
OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:20160202110438.000
<OFX>
<SIGNONMSGSRSV1>
<SONRS>
<STATUS>
<CODE>15500
<SEVERITY>ERROR
</STATUS>
<DTSERVER>20160202190439
<LANGUAGE>ENG
<FI>
<ORG>KINECTA
<FID>322278073
</FI>
</SONRS>
</SIGNONMSGSRSV1>
<SIGNUPMSGSRSV1>
<ACCTINFOTRNRS>
<TRNUID>20160202110438.000
<STATUS>
<CODE>15500
<SEVERITY>ERROR
</STATUS>
<CLTCOOKIE>1
</ACCTINFOTRNRS>
</SIGNUPMSGSRSV1>
</OFX>
Thanks,
Bill
On Mon, Feb 1, 2016 at 6:32 PM, David Reiser <dbreiser at icloud.com> wrote:
> Hmm. If you want to grasp at straws:
> Launch Gnucash with the logging option you used earlier
> Update the Application Version to 2500 (might as well make it the most
> recent)
> Change the Header Version in the same dialog from “102” to “103”
> Back on the User Settings tab in the same dialog, paste a UUID into the
> Client UID box
>
> To get a UUID, go to the Terminal.app and type
>
> uuidgen
>
> copy the output, paste it into an editor and strip out the hyphens. Paste
> the remaining characters into the Client UID entry.
>
> Now try a connection.
>
> The only reason this setup would work would be that Kinecta has flipped
> the switch in Intuit’s server software to require multifactor
> authentication. Quicken totally hides the Client UID from users. So Kinecta
> wouldn’t have mentioned it any time, because it isn’t on their scripts.
> However, the bank does need to do something to verify that the Client UID
> that some version of Quicken sent them does in fact belong to your copy of
> Quicken instead of someone else’s. When Chase flipped the switch in
> November, there was a note in the ofx.log saying something like “go check
> your secure email at Chase.com <http://chase.com>”. Then there was
> another hoop to jump through after logging into the web site.
>
> There is also the possibility that you’ve tripped some maximum number of
> login attempts without succeeding. Even if multifactor authentication was
> the cause, you may have to find some way to have the bank reset your
> access.
>
> Dave
> --
> Dave Reiser
> dbreiser at icloud.com
>
>
>
>
>
> On Feb 1, 2016, at 8:18 PM, Bill De La Vega <billdlv81 at gmail.com> wrote:
>
> It is set at 2200. Intuit 2013.
>
> Thanks,
> Bill
>
>
> On Mon, Feb 1, 2016 at 4:53 PM, David Reiser <dbreiser at icloud.com> wrote:
>
>> Nothing obvious there. What are you using for the Application Version?
>> (Aqbanking setup, Edit User, Application Settings tab). Anything less than
>> 2200 is probably locked out of directconnect activity under Intuit’s forced
>> obsolescence plan.
>>
>> Dave
>> --
>> Dave Reiser
>> dbreiser at icloud.com
>>
>>
>>
>>
>>
>> > On Jan 25, 2016, at 8:42 PM, Bill De La Vega <billdlv81 at gmail.com>
>> wrote:
>> >
>> > Hello I am using version 2.6.11 rev f67faa2+ on my Mac (10.10.5). I am
>> > getting the following error when I try and setup accounts for OFX.
>> >
>> > When I setup a new user, I go through the process and the first
>> connection
>> > looks like this.
>> >
>> > 17:37:15 Retrieving SSL certificate
>> > 17:37:15 Connecting to server...
>> > 17:37:15 Using old SSL preparation code.
>> > 17:37:16 TLS: SSL-Ciphers negotiated: TLS1.2:RSA-AES-128-CBC:SHA256
>> > 17:37:16 TLS: Warning - The server has chosen unsafe SSL-Ciphers!
>> > 17:37:16 Connected.
>> > 17:38:17 Disconnected.
>> > 17:38:17 Connection ok, certificate probably received
>> > 17:38:17 Operation finished, you can now close this window.
>> >
>> > For the next step, when I try and retrieve the accounts list, I get the
>> > following.
>> >
>> > 17:39:12 Sending request...
>> > 17:39:12 Using old SSL preparation code.
>> > 17:39:13 TLS: SSL-Ciphers negotiated: TLS1.2:RSA-AES-128-CBC:SHA256
>> > 17:39:13 TLS: Warning - The server has chosen unsafe SSL-Ciphers!
>> > 17:39:13 Waiting for response...
>> > 17:39:13 Parsing response...
>> > 17:39:13 Parsing response
>> > 17:39:13 Status for signon request: Signon invalid (Code 15500, severity
>> > "ERROR")
>> > The user cannot signon because he or she entered an invalid user ID or
>> > password.
>> > 17:39:13 Status for account info request: Signon invalid (Code 15500,
>> > severity "ERROR")
>> > The user cannot signon because he or she entered an invalid user ID or
>> > password.
>> > 17:39:13 Operation finished, you can now close this window.
>> >
>> > I have tried using my pin instead of my password, I get the same
>> result. I
>> > have confirmed that I can access my account using the same credentials
>> via
>> > the bank's website.
>> >
>> > When I contacted the bank, they said they don't support gnu cash (no
>> > surprise there). From what I have read so far online, several people
>> claim
>> > to be able to access this bank. If I try and add an account manually, I
>> > get the same type of error.
>> >
>> > Thanks,
>> > Bill
>> > _______________________________________________
>> > gnucash-user mailing list
>> > gnucash-user at gnucash.org
>> > https://lists.gnucash.org/mailman/listinfo/gnucash-user
>> > -----
>> > Please remember to CC this list on all your replies.
>> > You can do this by using Reply-To-List or Reply-All.
>>
>>
>
>
More information about the gnucash-user
mailing list